I came across this blog post via the slashdot story
http://yro.slashdot.org/story/11/12/27/0044242/gnupg-short-id-collision-has-occurred
and frankly I am not convinced that there is an actual security problem.
The short ID is just for easy finding of the key. It is not intended for
unique GPG key identification, and anybody who uses it that way deserves
a good beating with the cluebat.
Best regards,
Chí-Thanh Christopher Nguyễn